Suggestion: Store PGP keys in 1Password

[Deleted User]
[Deleted User]
Community Member
edited July 2016 in 1Password 4 for Windows

Could we get PGP key storage in the next update?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited July 2016

    @SebastianRasor01: You can actually already store it as an attachment. I have Secure Notes saved for my various keys. I hope this helps. Let me know if you have any other questions! :)

  • svondutch
    svondutch
    1Password Alumni
    edited July 2016

    @SebastianRasor01 What @brenty says. I myself store my PGP keys in a so-called "generated passwords" item (because most of my PGP keys are protected by a passphrase). If you do not see the "generated passwords" then you can turn on this category here: View > Generated Passwords. Thanks!

  • AGAlumB
    AGAlumB
    1Password Alumni

    :) :+1:

  • adium
    adium
    Community Member

    Using custom fields removes line breaks, destroying the keys.

    This should really be considered. Not just PGP either, but SSH, Bitcoin, even 1Password use key file encryption. Or at the least give the option to include a second notes field.

  • Hi @adium,

    We'll consider including a multi-line text field as a custom type but we can't make any promises, multi-line fields are special fields has its own limitations and we rarely use them. You can use Secure Notes and/or attachments instead.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @adium: Indeed, I usually use the Notes field, the Secure Notes type, or add the files themselves. And that's something that's easy to do now. Cheers! :)

  • adium
    adium
    Community Member

    All of these methods circumnavigate several security features or create other problems. Doing as you suggest bypasses automatically clearing the clipboard after a set amount of time and concealing passwords. Attachments can not be opened within 1Password, they must be exported outside of the encrypted 1Password environment then opened (quick look doesn't support highlighting) in a third party app. Which also means this option is non-existent on mobile devices.

    Using notes requires everything dumped into a single field or the creation of multiple notes. There is no ability to create folders, rename categories, or any other features to maintain a reasonable level of organization. For a single key, this might be acceptable, except key cryptography is very popular. It's not only used for PGP, but also SSH, Bitcoin, digital signatures, and it is even the technology behind 1Password.

    There a category dedicated to keeping tracking of a hunting license and not key crypto. Most people I know who hunt have their password on a post-it next to the computer.

    The way I'm translating your suggestions are exit 1Password or forget any type of organization.

  • MikeT
    edited January 2017

    Hi @adium,

    We do understand and it sounds like 1Password isn't the right tool for your needs right now, it was never designed for your type of use, to manage all of these key files for various crypto key-based services. We do understand there is value to provide that support to 1Password but it is not something that will work now. There are ways 1Password could accommodate it like what we've suggested and we're working on custom templates for 1Password in the future, this could be adjusted to meet your needs.

  • mlewin
    mlewin
    Community Member

    Hi. I'd like to cast an upvote for being able to store (secure) multi-line fields. I was honestly surprised that the "Password" and "Text" field types strip out newlines. I'm attaching a screenshot to give you an idea of how I currently store my SSH keys. The image shows "id_rsa," a "Password" category item. The password field in the entry is the passphrase for the key. As you can see, I have linked to file versions of the public and private keys and the secure note "id_rsa" shown in the second image below. I have the private key in the "notes" field of that secure note and a custom field named "public key," because public keys are a single line.

    Honestly, this feels like a lot of hoops to jump through for what I assumed would be simple, and it does make the mobile experience somewhat lacking. My experience with 1Password is that you guys have anticipated everything I need to use it well, even before I realize I want to use the app(lication) that way. This is the one example where I've been unpleasantly surprised.

    I appreciate whatever you can do to implement this feature.

    Thanks a lot.

  • @mlewin: Thanks for the feedback. I'm actually quite impressed with the method you've come up with to make this work for you in the meantime, for all its faults. As Mike mentioned, this isn't something 1Password is really designed to do right now and we don't have any specific plans to implement it, but it's certainly something we can keep in mind for the future. :chuffed:

    I'm sorry our psychic powers appear to have been lacking this time, but glad to hear that 1Password has otherwise served you so well. :+1:

  • AGAlumB
    AGAlumB
    1Password Alumni

    @mlewin: Just to clarify, for the primary use of password and text fields, having new lines would be a big problem: most people use these for web forms, and filling or pasting text with a new line in it will often submit a form when you might not want it to, which can get people locked out of accounts. Notes fields are great for multiline text though. Cheers! :)

  • Allarm
    Allarm
    Community Member

    I've tried to reproduce the @mlewin 's method and I can't understand, how exactly I can link the documents and the note to the password entity - I just do not have any "Related Items" section there:

    I also could not find anything about the "Related Items" section in the knowledge base. Is there something I am missing here?

  • mlewin
    mlewin
    Community Member

    @Allarm, as you can see from my original screen shots, I do have a "Related Items" section for every "Password" entry. (I believe I have the option for every 1Password entry.) I'm using 1Password version 6.8.6 (686003) on a Mac. I can confirm that the "Related Items" section also appears on my iOS version of 1Password.

    Do you have the "Related Items" option for any other category of entry?

    Also, I notice you a checkbox allowing you to indicate "Never display in browser." I've never seen that. What version of 1Password are you using?

    I'm using a "1Password Families" account. One of the features vs. individual accounts is:

    Could that be the difference?

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Allarm: Related Items can be viewed in 1Password 6 on Windows, but they cannot be linked there yet. That's coming in an update. mlewin did it using a different app. Sorry for the confusion there.

  • rbarrimond
    rbarrimond
    Community Member
    edited April 2018

    @MikeT While I don't agree with @adium tone, he has a strong point. The fact that GnuPG and SSH makes for passphrases for secret keys is a central 1Password use case. Central. I engineered a workaround solution much like @mlewin did and realized this is far too much work.

    An immediate solution is actually kind of simple. Create a field for the password template labeled "public key block" and "secret key block" that will properly store an ASCII armored export of public and secret keys. And you support the clipboard management just like you do for passwords. I think this is almost trivial to implement. You have everything you need in place. The cool part is that usually when installing keys on sites the block is what they ask for.

    If this can be done now, please let me know!

    You can get all fancy later!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @rbarrimond: Thanks for your feedback on this. It may seem "trivial" to you, but even "trivial" changes like that need to be considered from a much broader perspective:

    • 7 different "apps" which need to support the data structures
    • 2 different local vault formats
    • 1Password.com account database

    So while we'd definitely like to add more flexibility to custom fields, and that would help your use case and others, it's going to take a lot more that a few lines of code in Visual Studio to make it happen. And when we're dealing with data, we need to be extra careful. Thanks for understanding. :blush:

  • cruise2001
    cruise2001
    Community Member

    I have to suggest a special "Category" or "Field "type" as well. I'm a Linux system administrator at an 'elite university in Pittsburgh', and we use ssh keys frequently. Without a formatting correction, 1Password would not be workable for us.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @cruise2001: We don't have any plans to create more categories, as we get all sorts of requests for different ones. Someday perhaps we can make it possible for users to create their own, but probably not in the near term as it would involve some big changes to all (7!!) of the apps. Secure Notes work, and I know a number of us here use them for this purpose. And in version 7 were rolling out Markdown support as well, which means preformatted text can be used. Keep an eye out for that. :)

  • cruise2001
    cruise2001
    Community Member
    edited June 2018

    @brenty Indeed the markdown does a nice job of neurotic people like myself who likes to see justified text.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Glad that helps! Looking forward to getting Markdown support everywhere in the near future. :)

  • mlewin
    mlewin
    Community Member

    @brenty I happened to stumble over this "upvote" request I made a couple years ago. I know you guys have made pretty substantial changes across all platforms in the last couple years. I haven't, however, noticed any changes that might make the public key / private key thing any easier. (To be honest, I haven't really looked. My convoluted solution continues to work, even if it's suboptimal.) Have I missed anything in the last couple years? Has this kind of thing been implemented? Thanks.

    -Matt

  • Nothing new to share, @mlewin. Something like new templates or field types requires a lot of cross-platform coordination and since we develop each app natively, that sometimes makes these changes a bit slower to develop as we need something that's going to work as we want everywhere. I can't give any spoilers as that's the sort of stuff that ends up turning me into a liar when something doesn't work out as we'd like, but there have been discussions about a few bigger changes that I think are likely to help here. This is all still very fluid and likely a good ways out yet so I won't dive into any details now, but it's on our minds for sure. :+1:

This discussion has been closed.